75 billion yen 'Fake job offer' was used as a method of hacking theft case

A fake using the business SNS LinkedIn as

a method of stealing more than 75 billion yen from the side chain used in 'Axie Infinity' which is popular as a 'P2E (Play to Earn) game' that can be earned just by playing It became clear that the job was used.

How a fake job offer took down the world's most popular crypto game

Elaborate hack of'Axie Infinity' tied to fake LinkedIn job offer | Engadget

The incident, described as the largest crypto-related hack, has revealed the involvement of a North Korean cybercriminal group, but did not reveal details of how it was carried out. ..

In early 2022, the news site The Block received a high-priced job offer via LinkedIn under the staff of Sky Mavis, who develops 'Axie Infinity,' according to information obtained from two people in the know. However, in reality, the company that made this offer did not exist, and the PDF file that arrived as an offer was loaded with spyware, and an attacker invaded the network. Four of the nine validators on the sidechain Ronin network have been hijacked.

Hackers were created to support the gaming ecosystem, Axie DAO (Decentralized Autonomous Organization), although the attack was inadequate at this point as it required five hijackings to gain full control. It is said that the robbery was completed by accessing from.

Following the hack, Sky Mavis announced that it would increase the number of validator nodes to 11 and aim for 100 in the long run. It also implements a circuit breaker function to handle large-scale drawers.

in Web Service,   Security, Posted by logc_nt